Home
Details
Lectures
Reference
Schedule & Lectures
Tentative schedule, and subject to change at any time.
Time
Topic
Lectures & Readings
Labs
Sep 8
Overview
Lecture:
Overview
Lab 1:
Buffer Ovewflows
sep 9
Buffer overflow
Lecture:
buf overflow
Prepare:
read
Smashing The Stack For Fun And Profit
Homework:
question
sep 15
Stack Protection
Lecture:
Stack guard
, stack shield, NXstack
Prepare:
read
StackGuard
read
Four different tricks to bypass StackShield and StackGuard protection
Homework:
question
 
sep 16
Ret-to-libc
Lecture:
ret-to-libc
Prepare:
READ
Bypassing non-executable-stack during exploitation using return-to-libc
(
Question
)
sep 22
GOT Hijacking
Lecture:
GOT
Prepare:
read
How to hijack the Global Offset Table with pointers for root shells
Homework:
question
Lab 2:
Return-to-libc
sep 23
Integer Overflow
Lecture:
integer
Prepare:
read
Basic Integer Overflows
read
Nearly All Binary Searches and Mergesorts are Broken
Homework
:
Question
 
sep 29
Format string attack
Lecture:
string
Prepare:
read
Exploiting Format String Vulnerabilities
(
Question
)
sep 30
Heap overflow
Lecture:
heap
Prepare:
read
w00w00 on Heap Overflows
read
Once upon a free()
(Optional)
read
Heap spraying demystified
(Optional)
Homework
:
Question
Lab 3:
Privilage Separation
oct 13
Unix Security Basics
LEC:
Files
Prepare:
READ
Setuid Demystified
(
Question
)
 
Sep. 12
Set-uid Vulnerability
LEC:
set-uid (also
prof. Du's note
)
Prepare:
READ
How To Write a Setuid Program
(
Question
)
 
sep. 17
Binary Injection
LEC:
ELF injection
Prepare:
READ
UNIX VIRUSES
READ
ELF Documentation
(Optional)
READ
x86 disassembly
(Optional)
READ
x86 Assembly (in ATT syntax)
(Optional)
(
Question
)
oct. 15
Race condition
LEC:
race
Prepare:
READ
Prevent race conditions
(
Question
)
Lab 4:
Authentication
oct. 16
Anti Disassembly
LEC:
Anti disassembly
Prepare:
READ
Anti-disassembly
(
Question
)
 
oct. 17
Anti-Debugging
LEC:
Anti debugging
Prepare:
READ
Anti Anti Debugging
READ
Playing with ptrace
, and
part II
(
Question
)
 
oct. 22
Anti-Virtual Machine
LEC:
anti-vm
Prepare:
READ
Attacks on Virtual Machine Emulators
READ
Anti Virtual Machines and Emulations
(Optional)
READ
VMWare
(Optional)
(
Question
)
 
oct. 23
Fault Isolation
LEC:
sfi
Prepare:
READ
Efficient Software-Based Fault Isolation
(Question)
 
oct. 24
Trojan Horse
LEC:
trojan
Prepare:
READ
Reflections on Trusting Trust
(
Question
)
 
nov. 11
Final exam
9:30--11:30, Room 101 of MinXue Building